How to remove “Trojan-Spy.MSIL.SpyEyes”?

The Trojan-Spy.MSIL.SpyEyes is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.MSIL.SpyEyes virus can do?

Presents an Authenticode digital signature
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Trojan-Spy.MSIL.SpyEyes?


File Info:
crc32: BE64BABC
md5: bfa6f317d3c0cc2d0108ed2787df21e9
name: upload_file
sha1: 118b447ce23159c8d91d3926685487f7971a86a4
sha256: 8b3f0e932a336d8651b421b8437389bb7ca6242debbd22add47afbcb913b102c
sha512: df80105ef89febf50609e35e9c23348aa9dd3ae230941f86d7410d4539bd8bb51f94c6133c887c5a5c895d2ff4423fdf73d2c6f08bdb5ae0f1fe4843e619cd07
ssdeep: 1536:KKDErA2g615Ye3qeWb8dB41fHru3p21AjrUfp:bEE2X15YeIYdB41vK3poN
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
LegalCopyright: xa9 x52d2x52d2x827e. All rights reserved.
Assembly Version: 1.2.5.1
FileVersion: 0.3.6.1
CompanyName: x827ex52d2x8d3c
LegalTrademarks: x543ex543ex6770
Comments: x52d2x8d3cx8d3c x8d3cx6770x8d3c
ProductName: x827ex543ex6770 x6770x827ex543e
ProductVersion: 1.2.5.1
FileDescription: x827ex6770x52d2 x543ex827ex8d3c
OriginalFilename: x827ex543ex6770 x6770x827ex543e.exe
Translation: 0x0409 0x0514

Trojan-Spy.MSIL.SpyEyes also known as:

MicroWorld-eScan	Trojan.GenericKD.44020547
ALYac	Trojan.GenericKD.44020547
Cylance	Unsafe
K7AntiVirus	Trojan-Downloader ( 00570b0f1 )
BitDefender	Trojan.GenericKD.44020547
K7GW	Trojan-Downloader ( 00570b0f1 )
BitDefenderTheta	Gen:NN.ZemsilCO.34298.em1@a0CvlEci
Cyren	W32/MSIL_Troj.YW.gen!Eldorado
Symantec	Trojan.Gen.MBT
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.MSIL.SpyEyes.gen
Alibaba	TrojanSpy:MSIL/SpyEyes.e418413f
ViRobot	Trojan.Win32.Z.Spyeyes.74552
Ad-Aware	Trojan.GenericKD.44020547
Sophos	Mal/Generic-S
Comodo	Malware@#3qypzgpuujxgj
F-Secure	Trojan.TR/Dldr.Agent.osqzo
DrWeb	Trojan.DownLoader34.61855
Invincea	Mal/Generic-S
McAfee-GW-Edition	RDN/Generic PWS.y
Emsisoft	Trojan.GenericKD.44020547 (B)
Webroot	W32.Trojan.Gen
Avira	TR/Dldr.Agent.osqzo
Microsoft	Trojan:Win32/Woreflint.A!cl
Arcabit	Trojan.Generic.D29FB343
ZoneAlarm	HEUR:Trojan-Spy.MSIL.SpyEyes.gen
GData	Trojan.GenericKD.44020547
McAfee	RDN/Generic PWS.y
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.GVX
TrendMicro-HouseCall	TROJ_GEN.R06BC0PJA20
MAX	malware (ai score=84)
Fortinet	Malicious_Behavior.SB
Qihoo-360	Generic/Trojan.Spy.147
Panda	Trj/RnkBend.A
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Trojan-Spy.MSIL.SpyEyes?

Trojan-Spy.MSIL.SpyEyes removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X